From owner-freebsd-ports-bugs@freebsd.org Sun Jan 17 22:43:20 2016 Return-Path: Delivered-To: freebsd-ports-bugs@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 63539A8636E for ; Sun, 17 Jan 2016 22:43:20 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3A16C111C for ; Sun, 17 Jan 2016 22:43:20 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id u0HMhJnm091824 for ; Sun, 17 Jan 2016 22:43:20 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 206347] dns/unbound update to 1.5.7 [PATCH] Date: Sun, 17 Jan 2016 22:43:19 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Ports & Packages X-Bugzilla-Component: Individual Port(s) X-Bugzilla-Version: Latest X-Bugzilla-Keywords: patch X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: jaap@NLnetLabs.nl X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: sem@FreeBSD.org X-Bugzilla-Flags: maintainer-feedback? X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform op_sys bug_status keywords bug_severity priority component assigned_to reporter cc flagtypes.name attachments.created Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 17 Jan 2016 22:43:20 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D206347 Bug ID: 206347 Summary: dns/unbound update to 1.5.7 [PATCH] Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Keywords: patch Severity: Affects Many People Priority: --- Component: Individual Port(s) Assignee: sem@FreeBSD.org Reporter: jaap@NLnetLabs.nl CC: erwin@FreeBSD.org Flags: maintainer-feedback?(sem@FreeBSD.org) Keywords: patch Assignee: sem@FreeBSD.org Created attachment 165731 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D165731&action= =3Dedit patch to update Current unbound port is dated (version 1.5.5), current version is 1.5.7. Some Upgrade Notes: This release fixes a validation failure for nodata with wildcards and emptynonterminals. Fixes OpenSSL Library compability. Fixes correct response for malformed EDNS queries. And it has Windows changes to make unbound portable possible. For crypto in libunbound there is libnettle support. Qname minimisation is implemented. Use qname-minimisation: yes to enable it. This version sends the full query name when an error is found for intermediate names. It should therefore not fail for names on nonconformant servers. It combines well with harden-below-nxdomain: yes because those nxdomains are probed by the qname minimisation, and that will both stop privacy sensitive traffic and reduce nonsense traffic to authority servers. So consider enabling both. In this implementation IPv6 reverse lookups add several labels per increment, because otherwise those lookups would be very slow. [ Reference https://tools.ietf.org/html/draft-ietf-dnsop-qname-minimisation-08 ] More details at --=20 You are receiving this mail because: You are the assignee for the bug.=